[JAVA-3898] Implementing X509 authentication running into socket exceptions Created: 01/Dec/20  Updated: 27/Oct/23  Resolved: 22/Dec/20

Status: Closed
Project: Java Driver
Component/s: Configuration
Affects Version/s: 4.0.1
Fix Version/s: None

Type: Task Priority: Major - P3
Reporter: Bhaskar Avisha Assignee: Jeffrey Yemin
Resolution: Gone away Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Production


Attachments: PNG File screenshot-1.png    

 Description   
MongodbConfiguration.java
package com.imports.ci;
import java.security.NoSuchAlgorithmException;

import java.util.Arrays;
import org.bson.Document;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.mongodb.config.AbstractMongoConfiguration;
import org.springframework.data.mongodb.repository.config.EnableMongoRepositories;
import com.mongodb.MongoClient;
import com.mongodb.MongoClientOptions;
import com.mongodb.MongoCredential;
import com.mongodb.ServerAddress;
import com.mongodb.client.MongoCollection;
import com.mongodb.client.MongoDatabase;

@Configuration

@EnableMongoRepositories("com.imports.ci")
public class MongodbConfiguration extends AbstractMongoConfiguration {
       private final Logger logger = LoggerFactory.getLogger(this.getClass());
       @Value("${ssl.mongodb.host}")

       private String host;

       @Value("${ssl.mongodb.port}")

       private Integer port;

       @Value("${ssl.mongodb.username}")

       private String username;

       @Value("${ssl.mongodb.database}")

       private String database;

       @Value("${ssl.mongodb.password}")

       private String password;

       @Value("${ssl.mongodb.javax.net.ssl.trustStore.path}")

       private String trustStorePath;

       @Value("${ssl.mongodb.javax.net.ssl.trustStore.password}")

       private String trustStorePassword;

       @Override

       public MongoClient mongo() throws NoSuchAlgorithmException {
             logger.info("Inside MongodbConfiguration.mongo Method ");
             MongoCredential credential = MongoCredential.createMongoX509Credential(
                           "CN=XXXX.com,OU=XX,O=XX,L=XX,ST=NC,C=US");
             System.setProperty("javax.net.ssl.keyStore", trustStorePath);

             System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
             logger.info("credential ::{}", credential);
             MongoClientOptions options = new MongoClientOptions.Builder().sslEnabled(true).socketKeepAlive(true).build();

             MongoClient client = new MongoClient(new ServerAddress(host), Arrays.asList(credential), options);
             MongoDatabase db = client.getDatabase(database);

             MongoCollection<Document> collection = db.getCollection("commercial_invoice_staging");
             logger.info("No of Documents in orders collection: " + collection.count());
             return client;

       }

       @Override
       protected String getDatabaseName() {

             return database;

       }}

POM.XMLPOM.XML
<parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>1.5.13.RELEASE</version> <relativePath /> <!-- lookup parent from repository --> </parent>
<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-data-mongodb</artifactId> </dependency>

Application.properties:

spring.data.mongodb.authentication-database=admin

ssl.mongodb.javax.net.ssl.trustStore.path=/usr/iptservice/iptci/mnt/ /truststore/mongoStore.ts

ssl.mongodb.javax.net.ssl.trustStore.password=XX

ssl.mongodb.host=testdev001

ssl.mongodb.port=27017

ssl.mongodb.username=TestDev

ssl.mongodb.database=admin

ssl.mongodb.password=xyz

ssl.mongodb.certificate.username=CN=XXXX.com,OU=XX,O=XX,L=XX,ST=NC,C=US



 Comments   
Comment by Backlog - Core Eng Program Management Team [ 22/Dec/20 ]

There hasn't been any recent activity on this ticket, so we're resolving it. Thanks for reaching out! Please feel free to comment on this if you're able to provide more information.

Comment by Jeffrey Yemin [ 07/Dec/20 ]

The only thing I found searching for this exception is this: https://stackoverflow.com/questions/15967650/caused-by-java-security-unrecoverablekeyexception-cannot-recover-key. Hopefully it will be of use.

Comment by Jeffrey Yemin [ 07/Dec/20 ]

Hi there, thank you for reaching out. This is almost certainly not a bug in the driver, so I wanted to give you some resources to get this question answered:

  • Our MongoDB support portal, located at support.mongodb.com
  • Our MongoDB community portal, located here
  • If you are an Atlas customer, there is free support offered 24/7 in the lower right hand corner of the UI

Just in case you have already opened a support case and are not receiving sufficient help, please let me know and I can facilitate escalating your issue.

Thank you!

Comment by Bhaskar Avisha [ 01/Dec/20 ]

Error Log :  

20:42:09.126 [localhost-startStop-1] INFO  o.s.b.w.s.FilterRegistrationBean - Mapping filter: 'applicationContextIdFilter' to: [/*]

20:42:09.248 [main] INFO  c.l.i.c.MongodbConfiguration$$EnhancerBySpringCGLIB$$c1cdc540 - Inside MongodbConfiguration.mongo Method

20:42:09.253 [main] INFO  c.l.i.c.MongodbConfiguration$$EnhancerBySpringCGLIB$$c1cdc540 - credential ::MongoCredential{mechanism=MONGODB-X509, userName=CN=XXXX.com,OU=XX,O=XX,L=XX,ST=NC,C=US', source='$external', password=<hidden>, mechanismProperties={}}

20:42:11.608 [main] INFO  org.mongodb.driver.cluster - Cluster created with settings {hosts=[testdev001:27017], mode=SINGLE, requiredClusterType=UNKNOWN, serverSelectionTimeout='30000 ms', maxWaitQueueSize=500}

20:42:11.672 [cluster-ClusterId\{value='5fc1174b763e0a5c283ffd74', description='null'}-testdev001:27017] INFO  org.mongodb.driver.cluster - Exception in monitor thread while connecting to server testdev001:27017

com.mongodb.MongoSocketOpenException: Exception opening socket

       at com.mongodb.connection.SocketStream.open(SocketStream.java:63)

       at com.mongodb.connection.InternalStreamConnection.open(InternalStreamConnection.java:115)

       at com.mongodb.connection.DefaultServerMonitor$ServerMonitorRunnable.run(DefaultServerMonitor.java:113)

       at java.lang.Thread.run(Thread.java:745)

Caused by: java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)

       at javax.net.ssl.DefaultSSLSocketFactory.throwException(SSLSocketFactory.java:248)

       at javax.net.ssl.DefaultSSLSocketFactory.createSocket(SSLSocketFactory.java:255)

       at com.mongodb.connection.SocketStream.open(SocketStream.java:57)

       ... 3 common frames omitted

Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)

       at java.security.Provider$Service.newInstance(Provider.java:1617)

       at sun.security.jca.GetInstance.getInstance(GetInstance.java:236)

       at sun.security.jca.GetInstance.getInstance(GetInstance.java:164)

       at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)

       at javax.net.ssl.SSLContext.getDefault(SSLContext.java:96)

       at javax.net.ssl.SSLSocketFactory.getDefault(SSLSocketFactory.java:122)

       at com.mongodb.MongoClientOptions.<clinit>(MongoClientOptions.java:54)

       at com.mongodb.MongoClientOptions$Builder.build(MongoClientOptions.java:1396)

       at com.imports.ci.MongodbConfiguration.mongo(MongodbConfiguration.java:60)

       at com.imports.ci.MongodbConfiguration.mongo(MongodbConfiguration.java:1)

       at com.imports.ci.MongodbConfiguration$$EnhancerBySpringCGLIB$$c1cdc540.mongo(<generated>)

       at org.springframework.data.mongodb.config.AbstractMongoConfiguration.mongoDbFactory(AbstractMongoConfiguration.java:115)

       at com.imports.ci.MongodbConfiguration$$EnhancerBySpringCGLIB$$c1cdc540.CGLIB$mongoDbFactory$6(<generated>)

       at com.imports.ci.MongodbConfiguration$$EnhancerBySpringCGLIB$$c1cdc540$$FastClassBySpringCGLIB$$1ec76a23.invoke(<generated>)

       at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228)

       at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:358)

       at com.imports.ci.MongodbConfiguration$$EnhancerBySpringCGLIB$$c1cdc540.mongoDbFactory(<generated>)

       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

       at java.lang.reflect.Method.invoke(Method.java:497)

       at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162)

       at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1181)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1075)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:513)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483)

       at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:312)

       at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)

       at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:308)

       at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)

       at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.obtainBeanInstanceFromFactory(ConfigurationClassEnhancer.java:389)

       at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:361)

       at com.imports.ci.MongodbConfiguration$$EnhancerBySpringCGLIB$$c1cdc540.mongoDbFactory(<generated>)

       at org.springframework.data.mongodb.config.AbstractMongoConfiguration.mongoTemplate(AbstractMongoConfiguration.java:101)

       at com.imports.ci.MongodbConfiguration$$EnhancerBySpringCGLIB$$c1cdc540.CGLIB$mongoTemplate$4(<generated>)

       at com.imports.ci.MongodbConfiguration$$EnhancerBySpringCGLIB$$c1cdc540$$FastClassBySpringCGLIB$$1ec76a23.invoke(<generated>)

       at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228)

       at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:358)

       at com.imports.ci.MongodbConfiguration$$EnhancerBySpringCGLIB$$c1cdc540.mongoTemplate(<generated>)

       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

       at java.lang.reflect.Method.invoke(Method.java:497)

       at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162)

       at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1181)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1075)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:513)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483)

       at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:312)

       at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)

       at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:308)

       at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202)

       at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:208)

       at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1138)

       at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1066)

       at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.inject(AutowiredAnnotationBeanPostProcessor.java:585)

       at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:88)

       at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:366)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1272)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:553)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483)

       at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:312)

       at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)

       at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:308)

       at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202)

       at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:208)

       at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1138)

       at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1066)

       at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.inject(AutowiredAnnotationBeanPostProcessor.java:585)

       at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:88)

       at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:366)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1272)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:553)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483)

       at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:312)

       at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)

       at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:308)

       at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202)

       at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:208)

       at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1138)

       at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1066)

       at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.inject(AutowiredAnnotationBeanPostProcessor.java:585)

       at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:88)

       at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:366)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1272)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:553)

       at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483)

       at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:312)

       at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)

       at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:308)

       at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)

       at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:761)

       at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:867)

       at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:543)

       at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:122)

       at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:693)

       at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:360)

       at org.springframework.boot.SpringApplication.run(SpringApplication.java:303)

       at org.springframework.boot.SpringApplication.run(SpringApplication.java:1118)

       at org.springframework.boot.SpringApplication.run(SpringApplication.java:1107)

       at com.imports.ci.IptciManagementApplication.main(IptciManagementApplication.java:14)

Caused by: java.security.UnrecoverableKeyException: Cannot recover key

       at sun.security.provider.KeyProtector.recover(KeyProtector.java:328)

       at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:138)

       at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:55)

       at java.security.KeyStore.getKey(KeyStore.java:1023)

       at sun.security.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:133)

       at sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:70)

       at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:256)

       at sun.security.ssl.SSLContextImpl$DefaultSSLContext.getDefaultKeyManager(SSLContextImpl.java:874)

       at sun.security.ssl.SSLContextImpl$DefaultSSLContext.<init>(SSLContextImpl.java:732)

       at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)

       at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)

       at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)

       at java.lang.reflect.Constructor.newInstance(Constructor.java:422)

       at java.security.Provider$Service.newInstance(Provider.java:1595)

       ... 102 common frames omitted

20:42:11.689 [main] INFO  org.mongodb.driver.cluster - No server chosen by ReadPreferenceServerSelector{readPreference=primary} from cluster description ClusterDescription{type=UNKNOWN, connectionMode=SINGLE, serverDescriptions=[ServerDescription{address=testdev001:27017, type=UNKNOWN, state=CONNECTING, +exception=

{com.mongodb.MongoSocketOpenException+: Exception opening socket}

, caused by {java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)}, caused by {java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)}, caused by {java.security.UnrecoverableKeyException: Cannot recover key}}]}. Waiting for 30000 ms before timing out

 ++ 

Generated at Thu Feb 08 09:00:43 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.